Poulsen talked to Byttow after a hacker revealed to him that he
could find out all the Secrets Poulsen shared on the app. The
idea of the hack was simple, though the process was a bit
arduous:

Secret pulls in information from your contact list, so you only
see posts from your friends, or from friends of friends. So, if
you delete your real contact list, make a bunch of dummy Secret
accounts, add the email addresses you used to make them to your
blank contact list, then added someone's real email address to
your contact list, the only real posts you'd see from "friends"
in your Secret feed would expose the poster. Viola: You know all
that one friend's secrets.

Because the hacker, Ben Caudill, is "white hat" (a hacker who
considers him or herself to be ethical), he revealed the flaw to
Secret and Byttow's team has since fixed the vulnerability —
their algorithm now detects bots or other suspicious activity and
will start being more vague, like labeling posts as from someone
"in your circle" instead of from a "friend" or "friend of a
friend."

In fact, since Secret started offering a bounty for hackers that
alerted the company about bugs in the app in February, it has
learned about and fixed 42 different security holes. The
numbers are a clear warning: Secret isn't perfectly secure and
the term "anonymous" should be taken with a grain of salt.

Here's a look at some of the "popular" secrets being highlighted
on Secret's homepage right now:

Secret

"The thing we
try to help people acknowledge is that anonymous doesn’t mean
untraceable," Byttow says.

In other words: Maybe think twice before you share that explicit
image or scandalous detail.